<?

	require_once '../class/ale/factory.php';

	global $db, $yap, $jackknife, $eve;
	$db = new mysqli("localhost","psyk","solidsnake","psyk_site");
	if (mysqli_connect_errno()) {
		printf("Connect failed: %s\n", mysqli_connect_error());
		exit();
	}
	$yap = mysql_connect("localhost","YUser","YPass");
	mysql_select_db("yapeal",$yap);
	
	$jackknife = mysql_connect("localhost","jackknife","123lkj");
	mysql_select_db("jackknife",$jackknife);
	
	$eve = mysql_connect("localhost","eve","static");
	mysql_select_db("evestatic",$eve);

	session_start();
	$p = (isset($_GET['p']))?$_GET['p']:null;
	$QUERY = (isset($_SERVER['QUERY_STRING']))?$_SERVER['QUERY_STRING']:'';
	$CUR_PAGE = $_SERVER['PHP_SELF']."?".$QUERY;

	function pr($i){echo"<pre>";print_r($i);echo"</pre>";}
	function mres($i){return mysql_real_escape_string($i);}
	
	function selectPage($p) {
		if (!isset($_SESSION['userID'])) {
			if ( isset($_POST['username']) && isset($_POST['password']) ) {
				$logged_in = getLogin($_POST['username'],$_POST['password']);
			} elseif( isset($_SESSION['username']) && isset($_SESSION['password']) ) {
				$logged_in = getLogin($_SESSION['username'],$_SESSION['password']);
			} else {
				include('./pages/login.php');
				return;
			}
		} else $logged_in = true;
		if ($logged_in){
			include('./pages/navigation.php');
			if ( !isset( $p )) {
				include('./pages/default.php');
			} else {
				if( file_exists( './pages/'.$p.'.php' ) ){
					include('./pages/'.$p.'.php');
				} else {
					include('./pages/default.php');
				}
			}
		} else {
			error('Login Error',"invalid login details, please try again.");
			include('./pages/login.php');
		}
		include('./pages/footer.php');
	}
	
	function getLogin($u,$p) {
		$md5p = md5($p);
		global $db;
		$stmt =  $db->stmt_init();
		if ($stmt->prepare("SELECT * FROM user_details WHERE username=? AND password=?")) {
			/* bind parameters for markers */
			$stmt->bind_param("ss", $u,$md5p);
			/* execute query */
			 $stmt->execute();
			/* store result */
			$stmt->store_result();
			if ($stmt->num_rows == 1) 
				$return = true;
			else 
				$return = false;
			/* close statement */
			$stmt->close();
		} else $return = false;
		/* close connection */
		$db->close();
		if ($return) {
			$_SESSION['username'] = $u;
			$_SESSION['password'] = $p;
			setcookie ("username", $u, time() + ((3600*24)*7));
			setcookie ("password", $p, time() + ((3600*24)*7));
		}
		return $return;
	}
	
	function error($t,$msg){
		echo "
		<!--start error box-->
			<div id='errorBox'>
				<div id='errorTitle'>{$t}</div>
				<div class='inset'>
					<em>{$msg}</em>
				</div>
			</div>
		<!--end error box-->
		";
	}
	
	function removeAPI($userid) {
		$HACKS = mysql_connect("localhost","jackknife","123lkj") or die ("" . mysql_errno($HACKS) . ": " . mysql_error($HACKS). "");
		mysql_select_db("jackknife",$HACKS) or die ("" . mysql_errno($HACKS) . ": " . mysql_error($HACKS). "");
		$update_user_api = mysql_query("DELETE FROM `api_details` WHERE usr={$userid}");
	}
	function deactivateAPI($userid) {
		$HACKS = mysql_connect("localhost","jackknife","123lkj") or die ("" . mysql_errno($HACKS) . ": " . mysql_error($HACKS). "");
		mysql_select_db("jackknife",$HACKS) or die ("" . mysql_errno($HACKS) . ": " . mysql_error($HACKS). "");
		$update_user_api = mysql_query("UPDATE api_details SET active=0 WHERE usr={$userid}");
	}
	function activateAPI($userid) {
		$HACKS = mysql_connect("localhost","jackknife","123lkj") or die ("" . mysql_errno($HACKS) . ": " . mysql_error($HACKS). "");
		mysql_select_db("jackknife",$HACKS) or die ("" . mysql_errno($HACKS) . ": " . mysql_error($HACKS). "");
		$update_user_api = mysql_query("UPDATE api_details SET active=1 WHERE usr={$userid}");
	}
	function addAPI($userid,$apikey) {
		$HACKS = mysql_connect("localhost","jackknife","123lkj") or die ("" . mysql_errno($HACKS) . ": " . mysql_error($HACKS). "");
		mysql_select_db("jackknife",$HACKS) or die ("" . mysql_errno($HACKS) . ": " . mysql_error($HACKS). "");
		$update_user_api = mysql_query("INSERT INTO `api_details` (
											`api` , `usr` , `chr` , `active` , `apitype` , `time`
										) VALUES (
											'{$apikey}',  '{$userid}',  '0',  '1',  'careface', CURRENT_TIMESTAMP");
	}

?>